I wonder when the politicians (and apparently some Slashdot users) will wake up and realize that the US does not really have "control" of the Internet naming system.
If a subset of Internet users wanted to, they could define a "new" network using a separate set of DNS servers, different standards for naming domains, etc. No one would have to pay for "extra" network wiring since very likely the new net could tunnel over existing lines.
We use the current root servers and addressing system by de facto standard and convention, not because they're required for Internet operation or because they're the only way to do things.
I always thought that this same "starting over" would be a good thing to do for the Usenet news groups - to reset their membership to a time before spammers, monkeys with keyboards, and mental defectives when group content was almost all signal with no noise. Those of you old enough to remember that can appreciate how good it was back then. Not perfect to be sure, but it was at least possible to have an intelligent conversation sometimes. Create a separate usenet with better protocols, better controls, and encryption, and deploy it.
The US government would try to crack down on it, outlaw non regulated network creation, and outlaw anything they didn't control, bringing us one step closer to the second United States civil war.
Erik
PS: Rob, integrate Kupu into Slashdot. Text boxes with manual html codes went out of style ten years ago.
1. XML-RPC had a recent exploit that could be revisited in a very nasty way. Even though this appears to use POST, it's still looking pretty complicated from my perspective. I think the same results could be achieved in a much easier way.
So your first argument is that one of the components involved had a security problem? You'd better stop using the internet then, or maybe even your own CMS.
2. I think the motivation for this service is skewed. The only motivation I can detect for Open Id is to save people FIVE SECONDS by logging into a new forum, website... etc. People already have their own methods to achieve this kind of simplicity in their lives.
The end goal of this is much more grandiose. One thing that is both a strength and weakness of the Internet is anonymity. Blanket anonymity has no doubt been a plus for many people over the years, but it's now much more of a problem than it's worth. The Internet in general needs a way for the average user to present credentials to internet services that is automated, fast, and simple. This would be a building block for validation of web sites, e-mail messages, decentralized public key distribution, and a lot of other useful (and badly needed) services.
Removal of blanket anonymity (but not elimination of all anonymity) will improve the signal to noise ratio of internet data by several orders of magnitude.
3. Tools like Firefox's "remember password" make these kinds of shared identity systems obosolete, don't they? Who cares how many passwords you have to remember? You don't have to remember ANY of them anymore, really.
That's why that feature of firefox gets disabled by many corporations. It's very insecure. Other options for storing long, non memorable passwords include palm pilots, dedicated password PDAs, and such. They're clunky and sooner or later passwords will become too long to type in anyway. Being able to reference the place to *get* the user's password (along with their encryption settings, public key, etc) is actually more secure.
4. Caution should be applied when linking with systems using any kind of third party medium. KISS.
The Internet is by its nature much more interdependent than you know. It's impossible to do anything online without using at least a few dozen interlinked systems and standards. In general, keeping it simple is a good design rule but it tends to produce simple, monolithic system designs that are unsuited to Internet scale activities. For an example of a large scale distributed service that is as simple as possible on the Internet, check out the DNS design RFC.
5. A system should rely on as few other systems as possible. Minimalism will make a web experience a happy one.
This is an over-generalization. True that dependence on proprietary systems is generally bad because proprietary systems are usually not subject to the public evolutionary process applied to open standards, and therefore can have more problems.
In general, simplicity triumphs over complexity when two ways of doing the same work are compared. Complexity wins out if a better (faster, easier) way of doing the work happens to be more complex.
6. This could be ripe for phishing.
I'm presuming you mean people could send e-mails saying "go to this URL". They can do that now. This would actually help with Phishing deterrence if users learned to only trust "verified" e-mail sender identities.
7. Lag. If systems must cooperate, they should do so passively. Most XML-RPC calls, for example, will put the lag on the end-user. This should become a passive cron job or something like it, if it must be used. Make the user "temporarily unverified" until he/she/it can be verified at a later date by an automated process. Let the lag be placed on the system, no
To clarify the bus speed issue, the front side bus in any Xeon or P4 system must be shared by all CPUs, meaning that 800Mhz FSB effectively is a 200Mhz fsb for four cpu machines. I suspect the situation is worse with hyperthreading turned on, since that tends to increase utilization of the FSB, at least in theory.
Opterons on the other hand have an integrated memory controller on die, and each cpu in a multi-cpu system has its path to core memory.
I suppose you could just get all single cpu machines, but that would be even more expensive than multi-cpu Xeons, and far more expensive than the Opterons...
Erik
Aye. The IV-A is the one I was referring to above, I believe. A as I recall specifies that a trauma plate is included, which is needed to deal with the energy from the 7.62x39 round's impact.
Of course, the IIA and IIIA vests will prevent penetration of normal bullets, but not the blunt force trauma from same. All bets are off on "illegal" bullets made from super hard materials designed to penetrate armor...
Kevlar is designed to resist blunt force trauma, not penetration from sharp objects. There are numerous documented reports (check the darwin awards site for a few) of people "testing" vests by being stabbed while wearing them, and dying from having their heart or lungs penetrated.
If you want to test a kevlar vest, have someone wear it while you hit it with a baseball bat.
If you want to avoid knife penetration, wear chain mail over it (if you can find any that's real; the stuff most SCA folks make from wire would only resist a pocket knife).
Oh, and unless your vest is one of the newest military models, a standard FMJ round from a M-16 or AK-47 will go through it. The AK-47 will actually go through both panels - and the wearer - and still have the velocity left to kill someone standing behind you.
The main use of a kevlar vest is to give you a second chance if someone hits your center of mass with a low velocity ballistic object. They're not suits of armor meant to deflect all attacks.
So you're saying if I don't like an artwork I should pretend it doesn't exist, or at least actively avoid exposure? And I shouldn't say anything unless I have something positive to say?
Do you come out from under your rock often, or is this a new experience for you?
The entire purpose of most art works is to provoke thought or emotion. Isolating myself from art work I don't like is a really stupid idea for a large number of reasons. The artist in question would agree with me. He wants me to see this, like it or dislike it, and react to it.
Oh, and I'm far more important to the artist than the author is at this point, I'm part of the consuming public who's going to see this guy's next movie, buy the DVD, etc.
And a pedantic point, the thing I'm annoyed by isn't Jackson's "interpretation" of the books, I'm mostly upset by his re-editing of the original story in the pursuit of "fixes" to the plot, or to make what he considers a better movie. In short, putting a large sheepdog in the place of Faramir would be interpretation. Making that sheepdog be a spy of mordor instead of a captain of Gondor would be editing. It's a shame Jackson couldn't use the spaces between the original story's plot points to make his movie, instead of hacking up the original.
Uh, moved for study? He was thought to be a modern corpse at first, and was hauled off by the authorities with no care for placement of artifacts, etc.
Unless his possessions were frozen solid to him, they got left behind like his missing genitals.
This "ritualistic placement" stuff sounds like bunk.
Erik
On a general note, I'd encourage most persons living in this society to respond to federal initiatives that limit personal freedoms in the following ways, in the following order of action:
Try to block any new law or rule that limits the freedom by convincing people how stupid it is
Try to alter pending new laws so that there are ways to legally bypass the system (loopholes)
Allow the new law to pass in draconian form, then present a court challenge to it and have it struck down
Try to alter pending new laws so there are easy illegal ways to bypass the new system, preferably with a minimum chance of getting caught
Civilly disobey to protest new, unjust laws
(Last resort)Take up arms against the government to forcibly protect freedoms
Subverting the system as mentioned above is an expression of (4) above. I'd try to block the new system, but no one in.gov will listen because of 9/11, and I'd try to tell USPS how important anonymously sending a letter could be, but they don't even listen to their employees, much less the public. This isn't a law, it isn't strictly speaking a federal corporation doing it either, so I don't have recourse that way.
So, we're down to illegal recourse.
On the subject of prisons, I am unwilling to live next door to persons who consider violence as socially acceptable as bowling. While I do wish fewer people committed crimes requiring prison sentences, I fully support building prisons or more preferably correctional therapy facilities in such numbers as are needed so that all criminals spend their full sentence behind bars. If you do a crime, you should do the time, and you should work while you're inside to pay for your keep.
It's the ML-OCR systems, deployed at the bulk mail centers, that use Linux. There was an article online about it a while back, and I ran into it while I worked there a bit.
You're correct in that the information isn't stored, just translated to machine format for help routing the mail.
USPS already has some systems that help track mail, including the one that puts those little bar-code like things at the bottom edge of the envelope (they're more or less translations of zip code information).
Didja know that USPS uses Linux systems to do OCR on address information? It's the only serious use of Linux at USPS, mostly due to anal government service employees who barely managed to finish high school and who can't be fired due to union seniority.
Actually, USPS has been looking into a mail tracking system since just after 9/11 (I worked there on and after 9/11 for a while) and this report will just help them get funding for that system.
Really, this isn't a terribly bad thing. If you think about it, it just verifies what post office the mail came from. The information about the sender is going to be the information that the sender presented at the post office of origin for verification.... to a non-trained government employee who probably could make more cash working at mcdonalds (no bull, I have a great deal of respect for those letter carriers... out in all weather, and most get paid about $20k a year).
I also can't imagine that there will be human checks of the sender information in a lot of cases, since there are drop boxes all over the place for mail, and there's no way they can either remove those or staff them with people.
Yet another easily subvertable federal system meant to make us safer, but really just another way to spend gobs of your tax dollars on things we need less than more prisons and better schools.
Even though your IP doesn't show, lots of other useful information does. Examples: First, a lot of people tend to use the same screen name on a lot of online services. Second, a unique.sig file can mark a person. Third, you can textually analyze a person's typing patterns and HTML code and come up with a percentage chance of a match in authorship between two texts. The list of ways to compare posts is pretty long.
If you come up with a 90 percent chance that a post on slashdot about hacked government web sites, a post on a hacker board giving details of an intrusion into an un-named government web site, and a post on a college computer club's bbs about web site code naming the student author were written by the same person, that's usually good enough to investigate.
This is a small part of how echelon works... by matching up fragments of output from a single author/speaker, or fragments of information about them to present a larger picture. The government doesn't need magic back doors to find out what's in your encrypted e-mail... if you make ten comments about the subject in ten different places, they can jigsaw together a pretty good idea of what was occulted by encryption.
Sure, there's some data in federal databases that isn't in private ones, but there's a lot of companies that already have databases like this put together, listing every possible bit of credit and consumer information about you they know or can buy.
Those databases are unregulated, and they don't have to tell anyone they have assembled that information. Zero accountability. Raise your hand if you think the government doesn't have access to that information on a rental basis.
Once the government gets this system assembled, there will finally be a concrete reason to work out some legislation governing what can be done with large scale assemblies of data about the public in general, and lawmakers will finally have a reason to draw a line somewhere to mark the point where assembly and correlation of data becomes an invasion of privacy.
Yeah, it's gonna be painful. But I'd rather have this battle be fought on a battlefield I understand and can control than with guns, knives, and bombs. Just think of how many accounts with access to this database there will be... and how many chances to shoulder surf, social engineer, stack smash, and otherwise access and corrupt the data?
ObPaRaNoIa: I'm nearly certain that the fed somewhere is harvesting slashdot pages with a web spider and doing a full text index and cross-correlation with other known "hacker" web blogs... it's a great way to keep track of those "criminals". How many hackers can give up reading slashdot, even when they're running from the law?
Heh, I actually have several Octanes. They're built using the R10000 or R12000, which is considerably hotter than the Sibyte type, and has a much larger die size.
Keep in mind also that newer manufacturing processes will cut die and trace sizes, thereby reducing power consumption and heat dissipation.
MIPS chips are pretty common in embedded systems these days.. they run nice and cool, without large heat sinks.
Erik
The CPU core listed in the article is quoted to be a 333 mhz dual R4000 - this sounds suspiciously close to the Broadcom/Sibyte SB-1 dual core.. for CPU power, this would be roughly the same as an Octane 1 class SGI workstation with dual CPUs (MIPS hardware floating point, even).
Linux already runs on the SB-1 core(s).
Plus the MIPS CPUs have very low power consumption compared to most of Intel's chips.. comparable to or better than Transmeta's offerings.
I don't own any game consoles, but I may actually buy one of these =)
The LRP should have gone away a long time ago. I once had the misfortune to try to work on some GPL software that Mr. Cinege was interested in (portslave, part of LRP at the time) and to say that he was unstable is quite an understatement. I actually gave up work on the project (my first real GPL based software project, and the only one of any worth so far) due to his insanity. (details were given anonymously without mention of the project name in an ask slashdot from a few years ago)
To make a long story somewhat shorter, Mr. Cinege unilaterally declared himself the "official" maintainer of portslave when I refused to blindly accept any patches he sent (which he did not create himself; the LRP was mostly, I believe, created from other people's work). He then added some very unprintable comments to his.sig file describing various sexual acts I could perform on him.
This guy was and is a raving loon. I think his website posting is a plea for attention so he can feel more like part of the down-trodden anti-microsoft Linux-using masses, and because he thinks the world owes him a living, and wants charity.
I pity the next person who gives him a job.
If he was hit by a car tomorrow, I'd be worried that the car was damaged.
Normally I don't reply to my own posts, but I thought I should fix an error above:
s/symmetric/asymmetric/... an asymmetric cryptography system is what I mean, PGP like using RSA for the passphrase with some symmetric algorithm for encrypting the body of the message.
Erik
It's nice that people are thinking along these lines, but this scheme has at least one big problem. Effectively the PCA (the keepers of the keys) in the proposal have to have a significantly large, distributed infrastructure to handle authentication for global e-mail. This doesn't exist, and a lot of money is needed to set it up, which implies some form of government support, which comes with strings attached (usually).
If you make the PCAs non-centralized to the point where relatively small organizations can function as a PCA, then there are so many of them that some hierarchy of PCAs has to be set up, ala DNS, or else you dramatically increase the load on mail servers which will already need more CPU for cryptographic processing by making them check long lists of PCA IPs to see if anyone has the key for the message they're trying to validate.
Here's a better (though still flawed) idea, which assumes a symmetric public key system can be used:
Set up a Domain Key System (DKS) where every host on the internet has a defined DKS primary and secondary server.
Set up a convention within DNS servers where a lookup on a given subdomain returns the public key information for a particular user. Construct this false DNS name using the FQDN of the user's mail server plus the username and a subdomain name (like "key", eg. erik.key.hotmail.com). Users wishing to send mail should send the mail with a return address @ the domain that holds their public key.
Every e-mail sent should have in its header an X-key field that is the armored (with the user's private key) checksum of the message plaintext.
On receipt of a message, the receiving server performs a DNS lookup of the constructed "key" address to get the user's public key. It uses this to verify the authenticity of the message received (IE is the sending address really the person who sent the message). If the message doesn't verify, dump it in the bit bucket.
Require all compliant servers to use the MAPS RBL or a similar list (possibly a commercial one) to download a (cacheable) list of servers (or users) that send spam. Since messages are authenticated as definitively coming from a source domain, this eliminates black holing innocent bystanders, and allows RBL to target spammers only. Since the list of black holed domains is relatively short (computationally speaking) a copy can reasonably be kept on a mail server, and updated on a regular basis. Large organizations can download a single copy of the list to an internal server, and explode it out to other servers from there.
If desired, the MAPS people can charge for the more frequent updates of their list (every 5 min, for instance) thus supporting their servers.
A bonus of this system allows easy encrypted e-mail... your e-mail client just looks up the public key of the destination user in the DKS, encrypts the message with it, then calculates the checksum and armors that with the sender's public key before sending. The receiving server can validate this e-mail as coming from a given sender, and only the holder of the private key that matches the destination address can read it.
Minimal changes to the existing SMTP server software are needed to implement this system, and I think no? changes to BIND style DNS.
The system scales linearly with the number of users... if you have a mail server supporting 10,000 users, your DNS server had better support them too. A single user can have a tiny server that supports publishing their single key, perhaps the same as their SMTP host, and perhaps only transiently on the Internet (long enough to send a message), although this prohibits receipt of encrypted e-mail.
If you manage to set up a central key authority somehow, for bonus credit you can allow the DKS keys to be kept in armored form in the DNS servers, decrypted only by the public key of the central authority, which will provide the armored key to the e-mail user upon verifying the user's identity
I dunno what's more disappointing, that some lamer submitted this to slashdot, or that more of you supposedly "Educated" geeks don't challenge the idea.
Slashdot Mirror
If a subset of Internet users wanted to, they could define a "new" network using a separate set of DNS servers, different standards for naming domains, etc. No one would have to pay for "extra" network wiring since very likely the new net could tunnel over existing lines.
We use the current root servers and addressing system by de facto standard and convention, not because they're required for Internet operation or because they're the only way to do things.
I always thought that this same "starting over" would be a good thing to do for the Usenet news groups - to reset their membership to a time before spammers, monkeys with keyboards, and mental defectives when group content was almost all signal with no noise. Those of you old enough to remember that can appreciate how good it was back then. Not perfect to be sure, but it was at least possible to have an intelligent conversation sometimes. Create a separate usenet with better protocols, better controls, and encryption, and deploy it.
The US government would try to crack down on it, outlaw non regulated network creation, and outlaw anything they didn't control, bringing us one step closer to the second United States civil war.
Erik
PS: Rob, integrate Kupu into Slashdot. Text boxes with manual html codes went out of style ten years ago.
So your first argument is that one of the components involved had a security problem? You'd better stop using the internet then, or maybe even your own CMS.
The end goal of this is much more grandiose. One thing that is both a strength and weakness of the Internet is anonymity. Blanket anonymity has no doubt been a plus for many people over the years, but it's now much more of a problem than it's worth. The Internet in general needs a way for the average user to present credentials to internet services that is automated, fast, and simple. This would be a building block for validation of web sites, e-mail messages, decentralized public key distribution, and a lot of other useful (and badly needed) services. Removal of blanket anonymity (but not elimination of all anonymity) will improve the signal to noise ratio of internet data by several orders of magnitude.
That's why that feature of firefox gets disabled by many corporations. It's very insecure. Other options for storing long, non memorable passwords include palm pilots, dedicated password PDAs, and such. They're clunky and sooner or later passwords will become too long to type in anyway. Being able to reference the place to *get* the user's password (along with their encryption settings, public key, etc) is actually more secure.
The Internet is by its nature much more interdependent than you know. It's impossible to do anything online without using at least a few dozen interlinked systems and standards. In general, keeping it simple is a good design rule but it tends to produce simple, monolithic system designs that are unsuited to Internet scale activities. For an example of a large scale distributed service that is as simple as possible on the Internet, check out the DNS design RFC.
This is an over-generalization. True that dependence on proprietary systems is generally bad because proprietary systems are usually not subject to the public evolutionary process applied to open standards, and therefore can have more problems. In general, simplicity triumphs over complexity when two ways of doing the same work are compared. Complexity wins out if a better (faster, easier) way of doing the work happens to be more complex.
I'm presuming you mean people could send e-mails saying "go to this URL". They can do that now. This would actually help with Phishing deterrence if users learned to only trust "verified" e-mail sender identities.
Opterons on the other hand have an integrated memory controller on die, and each cpu in a multi-cpu system has its path to core memory.
I suppose you could just get all single cpu machines, but that would be even more expensive than multi-cpu Xeons, and far more expensive than the Opterons... Erik
Aye. The IV-A is the one I was referring to above, I believe. A as I recall specifies that a trauma plate is included, which is needed to deal with the energy from the 7.62x39 round's impact.
Of course, the IIA and IIIA vests will prevent penetration of normal bullets, but not the blunt force trauma from same. All bets are off on "illegal" bullets made from super hard materials designed to penetrate armor...
Dumb, dumb idea.
Kevlar is designed to resist blunt force trauma, not penetration from sharp objects. There are numerous documented reports (check the darwin awards site for a few) of people "testing" vests by being stabbed while wearing them, and dying from having their heart or lungs penetrated.
If you want to test a kevlar vest, have someone wear it while you hit it with a baseball bat.
If you want to avoid knife penetration, wear chain mail over it (if you can find any that's real; the stuff most SCA folks make from wire would only resist a pocket knife).
Oh, and unless your vest is one of the newest military models, a standard FMJ round from a M-16 or AK-47 will go through it. The AK-47 will actually go through both panels - and the wearer - and still have the velocity left to kill someone standing behind you.
The main use of a kevlar vest is to give you a second chance if someone hits your center of mass with a low velocity ballistic object. They're not suits of armor meant to deflect all attacks.
Erik
Do you come out from under your rock often, or is this a new experience for you?
The entire purpose of most art works is to provoke thought or emotion. Isolating myself from art work I don't like is a really stupid idea for a large number of reasons. The artist in question would agree with me. He wants me to see this, like it or dislike it, and react to it.
Oh, and I'm far more important to the artist than the author is at this point, I'm part of the consuming public who's going to see this guy's next movie, buy the DVD, etc.
And a pedantic point, the thing I'm annoyed by isn't Jackson's "interpretation" of the books, I'm mostly upset by his re-editing of the original story in the pursuit of "fixes" to the plot, or to make what he considers a better movie. In short, putting a large sheepdog in the place of Faramir would be interpretation. Making that sheepdog be a spy of mordor instead of a captain of Gondor would be editing. It's a shame Jackson couldn't use the spaces between the original story's plot points to make his movie, instead of hacking up the original.
Erik
Amen. That major change to faramir's character was the number one gripe I had with TTT. Plus, the actor was butt ugly.
Google - it's not just for breakfast any more.
Erik
Unless his possessions were frozen solid to him, they got left behind like his missing genitals.
This "ritualistic placement" stuff sounds like bunk. Erik
- Try to block any new law or rule that limits the freedom by convincing people how stupid it is
- Try to alter pending new laws so that there are ways to legally bypass the system (loopholes)
- Allow the new law to pass in draconian form, then present a court challenge to it and have it struck down
- Try to alter pending new laws so there are easy illegal ways to bypass the new system, preferably with a minimum chance of getting caught
- Civilly disobey to protest new, unjust laws
- (Last resort)Take up arms against the government to forcibly protect freedoms
Subverting the system as mentioned above is an expression of (4) above. I'd try to block the new system, but no one inSo, we're down to illegal recourse.
On the subject of prisons, I am unwilling to live next door to persons who consider violence as socially acceptable as bowling. While I do wish fewer people committed crimes requiring prison sentences, I fully support building prisons or more preferably correctional therapy facilities in such numbers as are needed so that all criminals spend their full sentence behind bars. If you do a crime, you should do the time, and you should work while you're inside to pay for your keep.
Erik
It's the ML-OCR systems, deployed at the bulk mail centers, that use Linux. There was an article online about it a while back, and I ran into it while I worked there a bit. You're correct in that the information isn't stored, just translated to machine format for help routing the mail.
Didja know that USPS uses Linux systems to do OCR on address information? It's the only serious use of Linux at USPS, mostly due to anal government service employees who barely managed to finish high school and who can't be fired due to union seniority.
Actually, USPS has been looking into a mail tracking system since just after 9/11 (I worked there on and after 9/11 for a while) and this report will just help them get funding for that system.
Really, this isn't a terribly bad thing. If you think about it, it just verifies what post office the mail came from. The information about the sender is going to be the information that the sender presented at the post office of origin for verification.... to a non-trained government employee who probably could make more cash working at mcdonalds (no bull, I have a great deal of respect for those letter carriers... out in all weather, and most get paid about $20k a year).
I also can't imagine that there will be human checks of the sender information in a lot of cases, since there are drop boxes all over the place for mail, and there's no way they can either remove those or staff them with people.
Yet another easily subvertable federal system meant to make us safer, but really just another way to spend gobs of your tax dollars on things we need less than more prisons and better schools.
Erik
If you come up with a 90 percent chance that a post on slashdot about hacked government web sites, a post on a hacker board giving details of an intrusion into an un-named government web site, and a post on a college computer club's bbs about web site code naming the student author were written by the same person, that's usually good enough to investigate.
This is a small part of how echelon works... by matching up fragments of output from a single author/speaker, or fragments of information about them to present a larger picture. The government doesn't need magic back doors to find out what's in your encrypted e-mail... if you make ten comments about the subject in ten different places, they can jigsaw together a pretty good idea of what was occulted by encryption.
Erik
Sure, there's some data in federal databases that isn't in private ones, but there's a lot of companies that already have databases like this put together, listing every possible bit of credit and consumer information about you they know or can buy.
Those databases are unregulated, and they don't have to tell anyone they have assembled that information. Zero accountability. Raise your hand if you think the government doesn't have access to that information on a rental basis.
Once the government gets this system assembled, there will finally be a concrete reason to work out some legislation governing what can be done with large scale assemblies of data about the public in general, and lawmakers will finally have a reason to draw a line somewhere to mark the point where assembly and correlation of data becomes an invasion of privacy.
Yeah, it's gonna be painful. But I'd rather have this battle be fought on a battlefield I understand and can control than with guns, knives, and bombs. Just think of how many accounts with access to this database there will be... and how many chances to shoulder surf, social engineer, stack smash, and otherwise access and corrupt the data?
ObPaRaNoIa: I'm nearly certain that the fed somewhere is harvesting slashdot pages with a web spider and doing a full text index and cross-correlation with other known "hacker" web blogs... it's a great way to keep track of those "criminals". How many hackers can give up reading slashdot, even when they're running from the law?
Erik
Heh, I actually have several Octanes. They're built using the R10000 or R12000, which is considerably hotter than the Sibyte type, and has a much larger die size. Keep in mind also that newer manufacturing processes will cut die and trace sizes, thereby reducing power consumption and heat dissipation. MIPS chips are pretty common in embedded systems these days.. they run nice and cool, without large heat sinks. Erik
The CPU core listed in the article is quoted to be a 333 mhz dual R4000 - this sounds suspiciously close to the Broadcom/Sibyte SB-1 dual core.. for CPU power, this would be roughly the same as an Octane 1 class SGI workstation with dual CPUs (MIPS hardware floating point, even).
Linux already runs on the SB-1 core(s).
Plus the MIPS CPUs have very low power consumption compared to most of Intel's chips.. comparable to or better than Transmeta's offerings.
I don't own any game consoles, but I may actually buy one of these =)
Erik
To make a long story somewhat shorter, Mr. Cinege unilaterally declared himself the "official" maintainer of portslave when I refused to blindly accept any patches he sent (which he did not create himself; the LRP was mostly, I believe, created from other people's work). He then added some very unprintable comments to his
This guy was and is a raving loon. I think his website posting is a plea for attention so he can feel more like part of the down-trodden anti-microsoft Linux-using masses, and because he thinks the world owes him a living, and wants charity.
I pity the next person who gives him a job.
If he was hit by a car tomorrow, I'd be worried that the car was damaged.
Am I being clear enough on my feelings here?
Erik
Normally I don't reply to my own posts, but I thought I should fix an error above: s/symmetric/asymmetric/ ... an asymmetric cryptography system is what I mean, PGP like using RSA for the passphrase with some symmetric algorithm for encrypting the body of the message.
Erik
If you make the PCAs non-centralized to the point where relatively small organizations can function as a PCA, then there are so many of them that some hierarchy of PCAs has to be set up, ala DNS, or else you dramatically increase the load on mail servers which will already need more CPU for cryptographic processing by making them check long lists of PCA IPs to see if anyone has the key for the message they're trying to validate.
Here's a better (though still flawed) idea, which assumes a symmetric public key system can be used:
Set up a Domain Key System (DKS) where every host on the internet has a defined DKS primary and secondary server.
If desired, the MAPS people can charge for the more frequent updates of their list (every 5 min, for instance) thus supporting their servers.
A bonus of this system allows easy encrypted e-mail... your e-mail client just looks up the public key of the destination user in the DKS, encrypts the message with it, then calculates the checksum and armors that with the sender's public key before sending. The receiving server can validate this e-mail as coming from a given sender, and only the holder of the private key that matches the destination address can read it.
Minimal changes to the existing SMTP server software are needed to implement this system, and I think no? changes to BIND style DNS.
The system scales linearly with the number of users... if you have a mail server supporting 10,000 users, your DNS server had better support them too. A single user can have a tiny server that supports publishing their single key, perhaps the same as their SMTP host, and perhaps only transiently on the Internet (long enough to send a message), although this prohibits receipt of encrypted e-mail.
If you manage to set up a central key authority somehow, for bonus credit you can allow the DKS keys to be kept in armored form in the DNS servers, decrypted only by the public key of the central authority, which will provide the armored key to the e-mail user upon verifying the user's identity
See (lazy me, cut and paste from a google news post):
l ity.htm/ gps_pdd.htmS _SA_Event_QAs.pdf
http://www.igeb.gov/sa.shtml
http://www.navcen.uscg.gov/gps/selective_availabi
https://www.peterson.af.mil/GPS_Support/documents
http://www.ngs.noaa.gov/FGCS/info/sans_SA/docs/GP
In short, NO, they won't degrade GPS.
I dunno what's more disappointing, that some lamer submitted this to slashdot, or that more of you supposedly "Educated" geeks don't challenge the idea.
Erik